Foil Wireless Poachers and Have Fun Doing It (Part 2)

Killing and Slaying

January 31, 2007

By
Carla Schroder

Last week we learned some fun ways to mess with the minds of wireless freeloaders, and introduced ourselves to some methods for finding out who is on our networks. Today we're going to learn some different ways to kick unwanted visitors off networks, and how to see exactly who is lurking on our airwaves.

Who says computer geeks are mild-mannered, non-violent wimps? Why, we have all manner of violent commands at our fingertips. Like whowatch, kill, tcpkill, and cutter. Ph34r us!

whowatch is for monitoring logins in realtime, and kicking users off specific hosts. Suppose you're logged into the fileserver in an SSH session, and you want to see who else is logged in. Just run the whowatch command as root. You'll see an ncurses display showing a list of users:

Ha. Take that, Pinball. The Enter key toggles between the selected user and the list of users. Press F9 to expose the top menus. Obviously you now need to figure out how an unauthorized user was able to log into your server, repair the breach, and look for rootkits or other nasties. You might even need to rebuild the whole system. But at least you found out there was an intruder, which is always a good thing to know.

Most Popular LinuxPlanet Stories

Advertiser Disclosure:
Some of the products that appear on this site are from companies from which QuinStreet receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. QuinStreet does not include all companies or all types of products available in the marketplace.